Simple CakePHP2.x user shell for use with ACL roles

UserShell.php

<?php
// see User model at:
// https://gist.github.com/brianally/f4f70f5bb8c0f2304307

App::uses('AppShell', 'Console/Command');

class UserShell extends AppShell {
  
  public $uses = array('User');

  public function main() {
    $this->out('User shell');
    $this->out('usage: cake user [create|password|delete]');
    $this->out('');
  }


  /**
   * Create a user account
   * 
   * @return void
   */
  public function create() {

    $this->out(__('<comment>create user</comment>'));
    $this->hr();

    $roles     = $this->User->Role->find('list');
    $validates = false;

    while (!$validates) {
      $role_id = $username = $email = $pw1 = $pw2 = null;

      while (empty($role_id)) {
        $ids = array();
        $this->out('role:');

        foreach($roles as $id => $role) {
          $ids[] = $id;
          $this->out("${role} [${id}]");
        }

        $role_id = $this->in(__('choose an ID'));

        if (empty($role_id)) $this->out(__('<warning>role must not be empty</warning>'));

        if (!in_array($role_id, $ids)) {
          $this->out(__('<warning>role doesn\'t exist</warning>'));
          $role_id = null;
        }
      }

      while (empty($username) || isset($this->User->validationErrors['username'])) {
        unset($this->User->validationErrors['username']);
        $username = $this->in(__('username:'));
        if (empty($username)) $this->out(__('<warning>username must not be empty</warning>'));
      }

      while (empty($fname) || isset($this->User->validationErrors['first_name'])) {
        unset($this->User->validationErrors['first_name']);
        $fname = $this->in(__('first name:'));
        if (empty($fname)) $this->out(__('<warning>you must provide a first name</warning>'));
      }

      while (empty($lname) || isset($this->User->validationErrors['last_name'])) {
        unset($this->User->validationErrors['last_name']);
        $lname = $this->in(__('last name:'));
        if (empty($lname)) $this->out(__('<warning>you must provide a last name</warning>'));
      }

      while (empty($email) || isset($this->User->validationErrors['email'])) {
        unset($this->User->validationErrors['email']);
        $email = $this->in(__('email:'));
        if (empty($email)) $this->out(__('<warning>email must not be empty</warning>'));
      }

      while (empty($pw1) || isset($this->User->validationErrors['password'])) {
        unset($this->User->validationErrors['password']);
        while (empty($pw1)) {
          $pw1 = $this->in(__('password:'));

          if (empty($pw1)) $this->out(__('<warning>password must not be empty</warning>'));
        }

        while (empty($pw2)) {
          $pw2 = $this->in(__('confirm password:'));

          if ($pw1 !== $pw2) {
            $this->out(__('<warning>no match -- starting over</warning>'));
            $pw1 = $pw2 = null;
            break;
          }
        }
      }

      $data = array(
        'role_id'     => $role_id,
        'username'   => $username,
        'email'      => $email,
        'password'   => $pw1,
        'first_name' => $fname,
        'last_name'  => $lname
      );

      $this->User->create();
      $this->User->set($data);

      if (!$validates = $this->User->validates()) {
        $this->out(__('<error>validation failed</error>'));

        foreach($this->User->validationErrors as $field => $err) {
          $errs = implode('; ', $err);
          $this->out("<warning>${field}: ${errs}</warning>");
        }
        $this->hr();
      }
    }

    if ($this->User->save()) {
      $this->out(__('user created'));
    } else {
      $this->out(__('<warning>could not save user!</warning>'));
    }
  }


  /**
   * Set the password for some user. Note that there is no security on this
   * other than the assumption that access to console === admin
   * 
   * @return void
   */
  public function password() {

     $username = $id = $pw1 = $pw2 = null;

    $this->out(__('<comment>update password</comment>'));
    $this->hr();

    while (empty($id)) {
      $username = $this->in(__('enter a username'));
      $id = $this->User->field('id', array('username' => $username));
    }

    $this->out(__('found'));

    while (empty($pw1) || isset($this->User->validationErrors['password'])) {
      unset($this->User->validationErrors['password']);
      while (empty($pw1)) {
        $pw1 = $this->in(__('password:'));

        if (empty($pw1)) $this->out(__('<warning>password must not be empty</warning>'));
      }

      while (empty($pw2)) {
        $pw2 = $this->in(__('confirm password:'));

        if ($pw1 !== $pw2) {
          $this->out(__('<warning>no match -- starting over</warning>'));
          $pw1 = $pw2 = null;
          break;
        }
      }
    }

    // !! password is hashed in model
    
    $data = array(
      'id'       => $id,
      'password' => $pw1
    );

    $this->User->create();
    $this->User->set($data);

    if ($this->User->save()) {
      $this->out(__('password updated'));
    } else {
      $this->out(__('<warning>could not save new password</warning>'));
    }
  }

  /**
   * Remove a user account.
   * 
   * @return void
   */
  public function delete() {

    $this->out(__('<comment>delete user</comment>'));
    $this->hr();

    $username = null;

    while(empty($username)) {
      $username = $this->in(__('username:'));

      if (empty($username)) $this->out(__('enter a username'));
    }

    $data = $this->User->findByUsername($username);

    if (empty($data)) {
      $this->out(__('<error>user not found</error>'));
      $this->out(__('<warning>exiting</warning>'));
      return;
    }

    $this->User->create();

    if ($this->User->delete($data['User'][$this->User->primaryKey])) {
      $this->out(__('user deleted'));
    }
    else {
      $this->out("could not delete user ${username}");
    }

    $this->out(__('bye'));
  }

}